Work even while sleeping! What is Clawdbot? 5-step installation must-see cybersecurity minefield

Clawdbot is an open-source AI assistant that became popular on the X platform, capable of executing computer commands remotely through messaging apps. Using a free AWS server plus $20 API access can replace a $2000 monthly salary assistant. Developers warn that this grants AI Root privileges, and prompt injection could lead to GitHub data leaks. It is recommended to use a clean computer with sandboxing, whitelists, token limits, and to restrict group access.

What is Clawdbot? An AI Assistant Operating 24/7 Autonomously

According to Damian Player, founder of Agent Integrator, Clawdbot is an open-source AI assistant running on a server 24/7. It’s not just a chatbot that answers questions but can perform actual tasks. Users can send commands via WhatsApp or Telegram, and it will automatically clean inboxes, schedule meetings, investigate company backgrounds, track potential clients, write content, and even manage calendars.

Tech media MacStories reports that Clawdbot’s core concept combines large language model (LLM) agents running on a computer with a communication software gateway. This means you don’t need to install additional apps—just send messages through familiar messaging platforms to control your home computer to perform complex tasks, such as controlling Spotify playback, operating smart bulbs, or even auto-coding to expand its capabilities. Clawdbot has self-improvement features, making it a prototype for future personal AI assistants.

Unlike typical ChatGPT or Claude chat windows, Clawdbot has high autonomy and can directly execute computer commands. Using AWS free tier servers and a $20 monthly API for Claude or ChatGPT can replace a $2000 monthly assistant. Imagine Siri remembering all your needs and automatically executing them—that’s Clawdbot. Many users post screenshots on X showing how Clawdbot handles work automatically while they sleep, or even rebuilds websites just by sending a message while watching Netflix.

5 Steps to Install Clawdbot on a Clean Computer

Many mistakenly believe setting up such an AI assistant requires expensive hardware. Although MacStories tested with the latest M4 Mac Mini, Damian Player emphasizes that users only need to apply for a standard cloud server, with setup taking about 30 minutes.

Step 1: Apply for a free AWS server. Visit the AWS website to create a free account and receive a $100 credit. Afterward, click to launch an Ubuntu instance on EC2, selecting the free tier.

Step 2: Install Clawdbot. Connect via terminal, paste the installation command (curl -fsSL https://clawd.bot/install.sh | bash), and the system will automatically download it. This takes about 3-4 minutes.

Step 3: Run the setup wizard. After installation, configure it to start automatically. Follow prompts: Quick Start, Anthropic, token paste setup, Opus 4.5 model, Telegram bot. The system will ask you to run commands on your local computer to obtain a Token.

Step 4: Create a Telegram bot. Search @botfather on Telegram to create a new bot and get its Token. Then, search @useridbot to get your personal ID. Enter these two data points into the setup wizard to ensure only you can control the AI.

Step 5: Assign identity. Answer Clawdbot’s questions on Telegram, such as what to call it, its purpose, and your timezone. Once done, installation is complete.

5 Important Security Settings Before Use to Avoid Disasters

Notable developers Funky and independent developer Burak Eregar warn that installing Clawdbot effectively grants AI Root access on your computer. Default settings could allow malicious prompt injections that might delete your GitHub repositories or leak personal data. The primary risk mitigation step is to avoid using your main computer—where sensitive info, credit card data, crypto wallets, and private keys are stored—and instead use a clean, non-confidential machine.

5 Recommended Security Settings for Clawdbot

Enable Sandbox Mode: Make sure to activate sandboxing to prevent AI from executing commands directly at the OS level.

Perform Security Audits: Clawdbot has built-in security check tools; run security audit commands in the terminal before deployment.

Whitelist Mode: Do not allow the agent to execute “any” command. Clearly set a whitelist, only permitting necessary permissions.

Limit Token Scope: When connecting to GitHub or Google accounts, do not grant “full access.” For example, GitHub should only have read/write access to specific public repositories.

Keep It Private: Never add your Clawdbot to Telegram or WhatsApp group chats. This would allow everyone in the group to access your server backend via the bot.

Damian Player emphasizes that many people only screenshot and save tutorials but never actually run them. However, those with 24/7 AI assistants and those without will see a significant productivity gap. Those willing to spend time setting up Clawdbot (and ensuring safe use) will have a huge advantage over the masses who start later.